Security lab offers hands-

It’s a hacker’s dream — an open lab with a multitude of computers inviting you to test out your latest virus, or crack another code. And it’s legal.

The University of Calgary and Calgary-based security company, Jaws Technology have combined forces to build a new research facility dedicated to the development of information security. The e-Security Innovation Center, a $1 million, 2,000 sq. ft. facility located on the edge of the U of C campus in Discovery Park, officially kicked off with a three-day course entitled, “Hot Issues in Computer Security,” a program title that actually describes the research lab’s entire focus, said Tom Keenan, dean of U of C’s faculty of continuing education.

“That’s kind of what the eSIC is all about: a chance to have courses like that, to demo products, to test products, break things,” Keenan said. “It’s kind of a lab for security people to go in where they won’t get into trouble for breaking things.”

The strictly research facility is a public/private partnership that Keenan hopes will expose students and other security professionals to the latest developments in e-security. He added the lab would be a perfect spot for students to research a Masters degree in information security, a course option he said is not offered in Canada.

“The problem is a lot of (the security work) is done in proprietary labs, but unless you’re tied in to that company you don’t get the benefit,” Keenan said. “So eSIC is kind of an “open source” approach to research, where a lot of people will be able to come together.”

Tej Minhas, the president and COO of Jaws, said his company chose to partner with U of C after working with Florida State in developing a curricula around information security. He said the U of C research lab is much more hands-on, and will be available to private companies to test and demo its own products, but Minhas also hopes to develop a security education platform designed around the Certification for Information Systems Security Professionals (CISSP).

“The universities are pretty good about churning out computer science people, but not necessarily information security people,” Minhas explained.

Mark Quigley, a senior analyst with The Yankee Group in Canada in Brockville, Ont., said the new eSIC could prove useful if companies using the facility choose to pool information and lab results.

“That kind of information would certainly prove vaulable to all the interested companies,” he suggested. “I would think that, right now, probably the most cross-pollination these folks would get is attending conferences.”

Some type of educational program geared to information security would also be helpful in correcting the shortage of skilled security professionals in Canada, Quigley added.

“Without that kind of formative schooling, I think it becomes more difficult for people to understand the next generation of either invasive attacks or security systems,” he said.

Currently, Minhas said Jaws is focused on attracting other technology partners to invest in the eSIC. Three levels of membership including Founder, Executive and Associate will allow organizations to have a say in the direction, operation and use of the centre.

So far, the response has been favourable, said Keenan, who is expecting another 50 attendees (at close to $800 a pop) to the next 3-day session of “Hot Issues in Computer Security” in November.

“I’ve been interested in computer security for 20 years,” Keenan noted. “And 20 years ago, you couldn’t find four people wanting to talk about it. But now I’ve got the head of corporate security for several different oil companies spending three days with me, because what people see is that computer security is front and centre in terms of protecting their important assets.”